TUV Rheinland: Cybersecurity has become a board-level issue

COLOGNE, Germany, June 18, 2019 /PRNewswire/ — Cybersecurity is increasingly becoming a top priority in German companies. This is one of eight trends identified by TUV Rheinland in its Cybersecurity Trends 2019 publication. The problem: “For a long time, many companies have regarded cybersecurity not as a business risk, but as an IT problem. The attack with the NotPetya malware in 2017 changed this perspective,” explains Wolfgang Kiener, the leading global expert responsible for threat management at TUV Rheinland. According to media reports, the cyberattack alone cost Maersk, FedEx and Reckitt Benckiser several hundred million euros. “Since 2017 and the appearance of the malware NotPetya, the management awareness for IT risks has increased considerably. Moreover, this increased management awareness is an urgent need in today’s world,” observes Kiener. The consequence: long-term changes in the management of cybersecurity risks in organizations and in the question of who is responsible for this problem.

Cybersecurity: Corporate culture for more security

The cybersecurity factor is exerting more and more pressure even on established companies. Whether and to what extent the issue of cybersecurity is integrated into the decision-making process of a company’s management is an indicator of a company’s maturity in dealing with cyber risks. “Those who counter this business risk at management level minimize financial risks and possible damage to their image. These are important prerequisites for safe and sustainable growth,” says Wolfgang Kiener. For a long time now, this has not only been about possible technical solutions: “Companies not only protect themselves more efficiently with a lived cybersecurity culture, but also act faster and more innovatively,” adds Kiener.

Training of employees is crucial

Many companies still find it difficult to see the profitability of investing in cybersecurity. In order to counteract this, TUV Rheinland’s experts believe that cybersecurity must also be seen as an investment in the qualification of employees. A representative survey commissioned by TUV Rheinland in Germany shows that 41 percent of those surveyed have never received any training on the subject of data protection or data security in their company. Conversely, almost 42 percent of those surveyed stated that it is already mandatory in their company to complete a training course on data protection or data security. If only the IT specialists among the respondents are considered, 60 percent state that such training is obligatory for them. It is striking that a quarter of IT specialists have never taken part in such training.

“Include all employees without exception.”

As a rule, a Chief Information Security Officer (CISO) is indispensable in companies with established cybersecurity. The CISO offers expert knowledge and can adapt structures in companies. “Our Cybersecurity Trends 2019 and the results of the survey show that those responsible for data security and data protection need to establish comprehensive structures in companies. The goal: All employees become part of the safety concept – and ideally without any exceptions, regardless of their position or type of employment,” concludes Wolfgang Kiener. Comprehensive, regular and compulsory training is part of this. In addition, a comprehensive cybersecurity strategy must be formulated. Based on this, executives can see how much they need to invest in cybersecurity to help their business minimize cybersecurity risks and grow sustainably.

Published for the sixth time

TUV Rheinland has published the forecasts of its world leading cybersecurity experts for the sixth time in 2019. In addition to the changing perception of cybersecurity risks, cybersecurity trends focus on how strongly cybercrime influences technologies such as Operational Technology (OT) in industry and the Internet of Things (IoT), and why the shortage of skilled workers could become a growing problem.

TUV Rheinland is a global leader in independent inspection services, founded nearly 150 years ago. The group maintains a worldwide presence of more than 20,000 people; annual turnover is EUR 2 billion. The independent experts stand for quality and safety for people, technology and the environment in nearly all aspects of life. TUV Rheinland inspects technical equipment, products and services, oversees projects, and helps to shape processes and information security for companies. Its experts train people in a wide range of careers and industries. To this end, TUV Rheinland employs a global network of approved labs, testing and education centers. Since 2006, TUV Rheinland has been a member of the United Nations Global Compact to promote sustainability and combat corruption. Website: www.tuv.com